<!DOCTYPE html><html lang="zh-CN" data-theme="light"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0,viewport-fit=cover"><title>访问控制权限 | East'blog</title><meta name="author" content="侯玉东"><meta name="copyright" content="侯玉东"><meta name="format-detection" content="telephone=no"><meta name="theme-color" content="#ffffff"><meta name="description" content="访问控制权限">
<meta property="og:type" content="article">
<meta property="og:title" content="访问控制权限">
<meta property="og:url" content="https://houyudong1989.gitee.io/blog/2023/11/21/harmonyOS/%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88/index.html">
<meta property="og:site_name" content="East&#39;blog">
<meta property="og:description" content="访问控制权限">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://houyudong1989.gitee.io/blog/img/library1.jpeg">
<meta property="article:published_time" content="2023-11-21T06:35:15.444Z">
<meta property="article:modified_time" content="2024-03-22T09:34:07.925Z">
<meta property="article:author" content="侯玉东">
<meta property="article:tag" content="harmonyOS">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://houyudong1989.gitee.io/blog/img/library1.jpeg"><link rel="shortcut icon" href="/blog/img/head.jpg"><link rel="canonical" href="https://houyudong1989.gitee.io/blog/2023/11/21/harmonyOS/%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88/index.html"><link rel="preconnect" href="//cdn.jsdelivr.net"/><link rel="preconnect" href="//busuanzi.ibruce.info"/><link rel="stylesheet" href="/blog/css/index.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free/css/all.min.css" media="print" onload="this.media='all'"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox/fancybox.min.css" media="print" onload="this.media='all'"><script>const GLOBAL_CONFIG = {
  root: '/blog/',
  algolia: undefined,
  localSearch: undefined,
  translate: undefined,
  noticeOutdate: undefined,
  highlight: {"plugin":"highlighjs","highlightCopy":true,"highlightLang":true,"highlightHeightLimit":false},
  copy: {
    success: '复制成功',
    error: '复制错误',
    noSupport: '浏览器不支持'
  },
  relativeDate: {
    homepage: false,
    post: false
  },
  runtime: '',
  dateSuffix: {
    just: '刚刚',
    min: '分钟前',
    hour: '小时前',
    day: '天前',
    month: '个月前'
  },
  copyright: undefined,
  lightbox: 'fancybox',
  Snackbar: undefined,
  infinitegrid: {
    js: 'https://cdn.jsdelivr.net/npm/@egjs/infinitegrid/dist/infinitegrid.min.js',
    buttonText: '加载更多'
  },
  isPhotoFigcaption: false,
  islazyload: false,
  isAnchor: false,
  percent: {
    toc: true,
    rightside: false,
  },
  autoDarkmode: false
}</script><script id="config-diff">var GLOBAL_CONFIG_SITE = {
  title: '访问控制权限',
  isPost: true,
  isHome: false,
  isHighlightShrink: false,
  isToc: true,
  postUpdate: '2024-03-22 17:34:07'
}</script><script>(win=>{
      win.saveToLocal = {
        set: (key, value, ttl) => {
          if (ttl === 0) return
          const now = Date.now()
          const expiry = now + ttl * 86400000
          const item = {
            value,
            expiry
          }
          localStorage.setItem(key, JSON.stringify(item))
        },
      
        get: key => {
          const itemStr = localStorage.getItem(key)
      
          if (!itemStr) {
            return undefined
          }
          const item = JSON.parse(itemStr)
          const now = Date.now()
      
          if (now > item.expiry) {
            localStorage.removeItem(key)
            return undefined
          }
          return item.value
        }
      }
    
      win.getScript = (url, attr = {}) => new Promise((resolve, reject) => {
        const script = document.createElement('script')
        script.src = url
        script.async = true
        script.onerror = reject
        script.onload = script.onreadystatechange = function() {
          const loadState = this.readyState
          if (loadState && loadState !== 'loaded' && loadState !== 'complete') return
          script.onload = script.onreadystatechange = null
          resolve()
        }

        Object.keys(attr).forEach(key => {
          script.setAttribute(key, attr[key])
        })

        document.head.appendChild(script)
      })
    
      win.getCSS = (url, id = false) => new Promise((resolve, reject) => {
        const link = document.createElement('link')
        link.rel = 'stylesheet'
        link.href = url
        if (id) link.id = id
        link.onerror = reject
        link.onload = link.onreadystatechange = function() {
          const loadState = this.readyState
          if (loadState && loadState !== 'loaded' && loadState !== 'complete') return
          link.onload = link.onreadystatechange = null
          resolve()
        }
        document.head.appendChild(link)
      })
    
      win.activateDarkMode = () => {
        document.documentElement.setAttribute('data-theme', 'dark')
        if (document.querySelector('meta[name="theme-color"]') !== null) {
          document.querySelector('meta[name="theme-color"]').setAttribute('content', '#0d0d0d')
        }
      }
      win.activateLightMode = () => {
        document.documentElement.setAttribute('data-theme', 'light')
        if (document.querySelector('meta[name="theme-color"]') !== null) {
          document.querySelector('meta[name="theme-color"]').setAttribute('content', '#ffffff')
        }
      }
      const t = saveToLocal.get('theme')
    
        if (t === 'dark') activateDarkMode()
        else if (t === 'light') activateLightMode()
      
      const asideStatus = saveToLocal.get('aside-status')
      if (asideStatus !== undefined) {
        if (asideStatus === 'hide') {
          document.documentElement.classList.add('hide-aside')
        } else {
          document.documentElement.classList.remove('hide-aside')
        }
      }
    
      const detectApple = () => {
        if(/iPad|iPhone|iPod|Macintosh/.test(navigator.userAgent)){
          document.documentElement.classList.add('apple')
        }
      }
      detectApple()
    })(window)</script><meta name="generator" content="Hexo 6.3.0"></head><body><div id="loading-box"><div class="loading-left-bg"></div><div class="loading-right-bg"></div><div class="spinner-box"><div class="configure-border-1"><div class="configure-core"></div></div><div class="configure-border-2"><div class="configure-core"></div></div><div class="loading-word">加载中...</div></div></div><script>(()=>{
  const $loadingBox = document.getElementById('loading-box')
  const $body = document.body
  const preloader = {
    endLoading: () => {
      $body.style.overflow = ''
      $loadingBox.classList.add('loaded')
    },
    initLoading: () => {
      $body.style.overflow = 'hidden'
      $loadingBox.classList.remove('loaded')
    }
  }

  preloader.initLoading()
  window.addEventListener('load',() => { preloader.endLoading() })

  if (true) {
    document.addEventListener('pjax:send', () => { preloader.initLoading() })
    document.addEventListener('pjax:complete', () => { preloader.endLoading() })
  }
})()</script><div id="sidebar"><div id="menu-mask"></div><div id="sidebar-menus"><div class="avatar-img is-center"><img src="/blog/img/head.jpg" onerror="onerror=null;src='/img/friend_404.gif'" alt="avatar"/></div><div class="sidebar-site-data site-data is-center"><a href="/blog/archives/"><div class="headline">文章</div><div class="length-num">70</div></a><a href="/blog/tags/"><div class="headline">标签</div><div class="length-num">26</div></a><a href="/blog/categories/"><div class="headline">分类</div><div class="length-num">18</div></a></div><hr class="custom-hr"/><div class="menus_items"><div class="menus_item"><a class="site-page" href="/blog/"><i class="fa-fw fas fa-home"></i><span> 首页</span></a></div><div class="menus_item"><a class="site-page" href="/blog/archives/"><i class="fa-fw fas fa-archive"></i><span> 时间轴</span></a></div><div class="menus_item"><a class="site-page" href="/blog/tags/"><i class="fa-fw fas fa-tags"></i><span> 标签</span></a></div><div class="menus_item"><a class="site-page" href="/blog/categories/"><i class="fa-fw fas fa-folder-open"></i><span> 分类</span></a></div><div class="menus_item"><a class="site-page" href="/blog/link/"><i class="fa-fw fas fa-link"></i><span> 友联</span></a></div><div class="menus_item"><a class="site-page" href="/blog/about/"><i class="fa-fw fas fa-heart"></i><span> 关于</span></a></div></div></div></div><div class="post" id="body-wrap"><header class="post-bg fixed" id="page-header" style="background-image: url('/blog/img/library4.jpeg')"><nav id="nav"><span id="blog-info"><a href="/blog/" title="East'blog"><img class="site-icon" src="/blog/img/head.jpg"/><span class="site-name">East'blog</span></a></span><div id="menus"><div class="menus_items"><div class="menus_item"><a class="site-page" href="/blog/"><i class="fa-fw fas fa-home"></i><span> 首页</span></a></div><div class="menus_item"><a class="site-page" href="/blog/archives/"><i class="fa-fw fas fa-archive"></i><span> 时间轴</span></a></div><div class="menus_item"><a class="site-page" href="/blog/tags/"><i class="fa-fw fas fa-tags"></i><span> 标签</span></a></div><div class="menus_item"><a class="site-page" href="/blog/categories/"><i class="fa-fw fas fa-folder-open"></i><span> 分类</span></a></div><div class="menus_item"><a class="site-page" href="/blog/link/"><i class="fa-fw fas fa-link"></i><span> 友联</span></a></div><div class="menus_item"><a class="site-page" href="/blog/about/"><i class="fa-fw fas fa-heart"></i><span> 关于</span></a></div></div><div id="toggle-menu"><a class="site-page" href="javascript:void(0);"><i class="fas fa-bars fa-fw"></i></a></div></div></nav><div id="post-info"><h1 class="post-title">访问控制权限</h1><div id="post-meta"><div class="meta-firstline"><span class="post-meta-date"><i class="far fa-calendar-alt fa-fw post-meta-icon"></i><span class="post-meta-label">发表于</span><time class="post-meta-date-created" datetime="2023-11-21T06:35:15.444Z" title="发表于 2023-11-21 14:35:15">2023-11-21</time><span class="post-meta-separator">|</span><i class="fas fa-history fa-fw post-meta-icon"></i><span class="post-meta-label">更新于</span><time class="post-meta-date-updated" datetime="2024-03-22T09:34:07.925Z" title="更新于 2024-03-22 17:34:07">2024-03-22</time></span><span class="post-meta-categories"><span class="post-meta-separator">|</span><i class="fas fa-inbox fa-fw post-meta-icon"></i><a class="post-meta-categories" href="/blog/categories/harmonyOS/">harmonyOS</a></span></div><div class="meta-secondline"><span class="post-meta-separator">|</span><span class="post-meta-pv-cv" id="" data-flag-title="访问控制权限"><i class="far fa-eye fa-fw post-meta-icon"></i><span class="post-meta-label">阅读量:</span><span id="busuanzi_value_page_pv"><i class="fa-solid fa-spinner fa-spin"></i></span></span></div></div></div></header><main class="layout" id="content-inner"><div id="post"><article class="post-content" id="article-container"><h1 id="概述"><a href="#概述" class="headerlink" title="概述"></a>概述</h1><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line">ATM (AccessTokenManager) 是HarmonyOS上基于AccessToken构建的统一的应用权限管理能力。</span><br><span class="line"></span><br><span class="line">默认情况下，应用只能访问有限的系统资源。但某些情况下，应用为了扩展功能的诉求，需要访问额外的系统或其他应用的数据（包括用户个人数据）、功能。系统或应用也必须以明确的方式对外提供接口来共享其数据或功能。HarmonyOS提供了一种访问控制机制来保证这些数据或功能不会被不当或恶意使用，即应用权限。</span><br><span class="line"></span><br><span class="line">应用权限保护的对象可以分为数据和功能：</span><br><span class="line"></span><br><span class="line">数据包含了个人数据（如照片、通讯录、日历、位置等）、设备数据（如设备标识、相机、麦克风等）、应用数据。</span><br><span class="line">功能则包括了设备功能（如打电话、发短信、联网等）、应用功能（如弹出悬浮框、创建快捷方式等）等。</span><br><span class="line">应用权限是程序访问操作某种对象的通行证。权限在应用层面要求有明确定义，应用权限使得系统可以规范各类应用程序的行为准则，实现用户隐私的保护机制。当应用访问操作目标对象时，目标对象会对应用进行权限检查，如果没有对应权限，则访问操作将被拒绝。</span><br><span class="line"></span><br><span class="line">当前，ATM提供的应用权限校验功能是基于统一管理的TokenID（Token identity）。TokenID是每个应用的身份标识，ATM通过应用的TokenID来管理应用的权限。</span><br></pre></td></tr></table></figure>

<h1 id="权限使用基本原则"><a href="#权限使用基本原则" class="headerlink" title="权限使用基本原则"></a>权限使用基本原则</h1><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line">在进行权限的申请和使用时，需要满足以下基本原则：</span><br><span class="line"></span><br><span class="line">* 应用申请的权限，都必须有明确、合理的使用场景和功能说明，确保用户能够清晰明了地知道申请权限的目的、场景、用途；禁止诱导、误导用户授权；应用使用权限必须与申请所述一致。</span><br><span class="line"></span><br><span class="line">* 应用权限申请遵循最小化原则，只申请业务功能所必要的权限，禁止申请不必要的权限。</span><br><span class="line"></span><br><span class="line">* 应用在首次启动时，避免频繁弹窗申请多个权限；权限须在用户使用对应业务功能时动态申请。</span><br><span class="line"></span><br><span class="line">* 用户拒绝授予某个权限时，与此权限无关的其他业务功能应能正常使用，不能影响应用的正常注册或登录。</span><br><span class="line"></span><br><span class="line">* 业务功能所需要的权限被用户拒绝且禁止后不再提示，当用户主动触发使用此业务功能或为实现业务功能所必须时，应用程序可通过界面内文字引导，让用户主动到“系统设置”中授权。</span><br><span class="line"></span><br><span class="line">* 当前不允许应用自行定义权限，应用申请的权限应该从已有的权限列表中选择。</span><br></pre></td></tr></table></figure>

<h1 id="权限的工作流程"><a href="#权限的工作流程" class="headerlink" title="权限的工作流程"></a>权限的工作流程</h1><h2 id="权限申请使用的工作流程"><a href="#权限申请使用的工作流程" class="headerlink" title="权限申请使用的工作流程"></a>权限申请使用的工作流程</h2><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">应用在访问数据或者执行操作时，需要评估该行为是否需要应用具备相关的权限。如果确认需要目标权限，则需要在应用安装包中申请目标权限。</span><br><span class="line"></span><br><span class="line">然后，需要判断目标权限是否属于用户授权类。如果是，应用需要使用动态授权弹框来提供用户授权界面，请求用户授权目标权限。</span><br><span class="line"></span><br><span class="line">当用户授予应用所需权限后，应用可成功访问目标数据或执行目标操作。</span><br></pre></td></tr></table></figure>

<p><img src="1700900428211.png" alt="1700900428211"></p>
<h2 id="权限校验的工作流程"><a href="#权限校验的工作流程" class="headerlink" title="权限校验的工作流程"></a>权限校验的工作流程</h2><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">应用在提供对外功能服务接口时，可以根据接口涉数据的敏感程度或所涉能力的安全威胁影响，在权限定义列表选择合适的权限保护当前接口，对访问者进行权限校验。</span><br><span class="line"></span><br><span class="line">当且仅当访问者获取当前接口所需权限后，才能通过当前接口的权限校验，并正常使用当前应用提供的目标功能。</span><br></pre></td></tr></table></figure>

<p><img src="1700900539017.png" alt="1700900539017"></p>
<h1 id="权限等级"><a href="#权限等级" class="headerlink" title="权限等级"></a>权限等级</h1><table>
<thead>
<tr>
<th align="left">APL级别</th>
<th align="left">说明</th>
</tr>
</thead>
<tbody><tr>
<td align="left">system_core等级</td>
<td align="left">该等级的应用服务提供操作系统核心能力。</td>
</tr>
<tr>
<td align="left">system_basic等级</td>
<td align="left">该等级的应用服务提供系统基础服务。</td>
</tr>
<tr>
<td align="left">normal等级</td>
<td align="left">普通应用。</td>
</tr>
</tbody></table>
<blockquote>
<p><strong>system_core权限</strong></p>
</blockquote>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">system_core权限涉及到开放操作系统核心资源的访问操作。这部分系统资源是系统最核心的底层服务，如果遭受破坏，操作系统将无法正常运行。</span><br><span class="line"></span><br><span class="line">鉴于该类型权限对系统的影响程度非常大，目前暂不向任何三方应用开放。</span><br></pre></td></tr></table></figure>

<blockquote>
<p><strong>system_basic权限</strong></p>
</blockquote>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">system_basic权限允许应用访问操作系统基础服务相关的资源。这部分系统基础服务属于系统提供或者预置的基础功能，比如系统设置、身份认证等。这些系统资源的开放对用户隐私以及其他应用带来的风险较大。</span><br><span class="line"></span><br><span class="line">该类型的权限仅向APL等级为system_basic及以上的应用开放。</span><br></pre></td></tr></table></figure>

<blockquote>
<p><strong>normal权限</strong></p>
</blockquote>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">normal 权限允许应用访问超出默认规则外的普通系统资源。这些系统资源的开放（包括数据和功能）对用户隐私以及其他应用带来的风险很小。</span><br><span class="line"></span><br><span class="line">该类型的权限仅向APL等级为normal及以上的应用开放。</span><br></pre></td></tr></table></figure>

<h1 id="权限类型"><a href="#权限类型" class="headerlink" title="权限类型"></a>权限类型</h1><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">根据授权方式的不同，权限类型可分为system_grant（系统授权）和user_grant（用户授权）。</span><br></pre></td></tr></table></figure>

<blockquote>
<p>system_grant 系统授权</p>
</blockquote>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">system_grant指的是系统授权类型，在该类型的权限许可下，应用被允许访问的数据不会涉及到用户或设备的敏感信息，应用被允许执行的操作不会对系统或者其他应用产生大的不利影响。</span><br><span class="line"></span><br><span class="line">如果在应用中申请了system_grant权限，那么系统会在用户安装应用时，自动把相应权限授予给应用。应用需要在应用商店的详情页面，向用户展示所申请的system_grant权限列表。</span><br></pre></td></tr></table></figure>

<blockquote>
<p>user_grant 用户授权</p>
</blockquote>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line">user_grant指的是用户授权类型，在该类型的权限许可下，应用被允许访问的数据将会涉及到用户或设备的敏感信息，应用被允许执行的操作可能对系统或者其他应用产生严重的影响。</span><br><span class="line"></span><br><span class="line">该类型权限不仅需要在安装包中申请权限，还需要在应用动态运行时，通过发送弹窗的方式请求用户授权。在用户手动允许授权后，应用才会真正获取相应权限，从而成功访问操作目标对象。</span><br><span class="line"></span><br><span class="line">比如说，在权限定义列表中，麦克风和摄像头对应的权限都是属于用户授权权限，列表中给出了详细的权限使用理由。</span><br><span class="line"></span><br><span class="line">应用需要在应用商店的详情页面，向用户展示所申请的user_grant权限列表。</span><br></pre></td></tr></table></figure>

<h1 id="权限授权流程"><a href="#权限授权流程" class="headerlink" title="权限授权流程"></a>权限授权流程</h1><blockquote>
<p>1、权限申请</p>
<p>在module.json5配置文件中进行声明目标权限</p>
</blockquote>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br></pre></td><td class="code"><pre><span class="line">&#123;</span><br><span class="line">  &quot;module&quot; : &#123;</span><br><span class="line">    // ...</span><br><span class="line">    &quot;requestPermissions&quot;:[</span><br><span class="line">      &#123;</span><br><span class="line">        &quot;name&quot; : &quot;ohos.permission.PERMISSION1&quot;,</span><br><span class="line">        &quot;reason&quot;: &quot;$string:reason&quot;,</span><br><span class="line">        &quot;usedScene&quot;: &#123;</span><br><span class="line">          &quot;abilities&quot;: [</span><br><span class="line">            &quot;FormAbility&quot;</span><br><span class="line">          ],</span><br><span class="line">          &quot;when&quot;:&quot;inuse&quot;</span><br><span class="line">        &#125;</span><br><span class="line">      &#125;,</span><br><span class="line">      &#123;</span><br><span class="line">        &quot;name&quot; : &quot;ohos.permission.PERMISSION2&quot;,</span><br><span class="line">        &quot;reason&quot;: &quot;$string:reason&quot;,</span><br><span class="line">        &quot;usedScene&quot;: &#123;</span><br><span class="line">          &quot;abilities&quot;: [</span><br><span class="line">            &quot;FormAbility&quot;</span><br><span class="line">          ],</span><br><span class="line">          &quot;when&quot;:&quot;always&quot;</span><br><span class="line">        &#125;</span><br><span class="line">      &#125;</span><br><span class="line">    ]</span><br><span class="line">  &#125;</span><br><span class="line">&#125;</span><br></pre></td></tr></table></figure>

<blockquote>
<p>标签说明</p>
</blockquote>
<table>
<thead>
<tr>
<th align="left">标签</th>
<th align="left">是否必填</th>
<th align="left">说明</th>
</tr>
</thead>
<tbody><tr>
<td align="left">name</td>
<td align="left">是</td>
<td align="left">权限名称。</td>
</tr>
<tr>
<td align="left">reason</td>
<td align="left">否</td>
<td align="left">描述申请权限的原因。&gt;<strong>说明</strong> ：当申请的权限为user_grant权限时，此字段必填。</td>
</tr>
<tr>
<td align="left">usedScene</td>
<td align="left">否</td>
<td align="left">描述权限使用的场景和时机。&gt;<strong>说明</strong> ：当申请的权限为user_grant权限时，此字段必填。</td>
</tr>
<tr>
<td align="left">abilities</td>
<td align="left">否</td>
<td align="left">标识需要使用到该权限的Ability，标签为数组形式。<strong>适用模型</strong> ：Stage模型</td>
</tr>
<tr>
<td align="left">ability</td>
<td align="left">否</td>
<td align="left">标识需要使用到该权限的Ability，标签为数组形式。<strong>适用模型</strong> ：FA模型</td>
</tr>
<tr>
<td align="left">when</td>
<td align="left">否</td>
<td align="left">标识权限使用的时机，值为inuse&#x2F;always。- inuse：表示为仅允许前台使用。- always：表示前后台都可使用。</td>
</tr>
</tbody></table>
<blockquote>
<p>2、权限授予</p>
<p>权限授予分为两种情况：</p>
<ul>
<li>如果目标权限是system_grant类型，开发者在进行权限申请后，系统会在安装应用时自动为其进行权限预授予，开发者不需要做其他操作即可使用权限。</li>
<li>如果目标权限是user_grant类型，开发者在进行权限申请后，在运行时触发动态弹窗，请求用户授权 。</li>
</ul>
</blockquote>
<h2 id="用户权限授予操作步骤"><a href="#用户权限授予操作步骤" class="headerlink" title="用户权限授予操作步骤"></a>用户权限授予操作步骤</h2><blockquote>
<p>1、module.json5配置文件中申请权限。</p>
</blockquote>
<blockquote>
<p>2、校验权限是否授权。</p>
<p>在进行权限申请之前，需要先检查当前应用程序是否已经被授予了权限。可以通过调用checkAccessToken()方法来校验当前是否已经授权。如果已经授权，则可以直接访问目标操作，否则需要进行下一步操作，即向用户申请授权。</p>
</blockquote>
<blockquote>
<p>import bundleManager from ‘@ohos.bundle.bundleManager’;<br>import abilityAccessCtrl, { Permissions } from ‘@ohos.abilityAccessCtrl’;</p>
<p>async function checkAccessToken(permission: Permissions): Promise&lt;abilityAccessCtrl.GrantStatus&gt; {<br>let atManager &#x3D; abilityAccessCtrl.createAtManager();<br>let grantStatus: abilityAccessCtrl.GrantStatus;</p>
<p>&#x2F;&#x2F; 获取应用程序的accessTokenID<br>let tokenId: number;<br>try {<br>let bundleInfo: bundleManager.BundleInfo &#x3D; await bundleManager.getBundleInfoForSelf(bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_APPLICATION);<br>let appInfo: bundleManager.ApplicationInfo &#x3D; bundleInfo.appInfo;<br>tokenId &#x3D; appInfo.accessTokenId;<br>} catch (err) {<br>console.error(<code>getBundleInfoForSelf failed, code is $&#123;err.code&#125;, message is $&#123;err.message&#125;</code>);<br>}</p>
<p>&#x2F;&#x2F; 校验应用是否被授予权限<br>try {<br>grantStatus &#x3D; await atManager.checkAccessToken(tokenId, permission);<br>} catch (err) {<br>console.error(<code>checkAccessToken failed, code is $&#123;err.code&#125;, message is $&#123;err.message&#125;</code>);<br>}</p>
<p>return grantStatus;<br>}</p>
<p>async function checkPermissions(): Promise <code>&lt;void&gt;</code> {<br>const permissions: Array <code>&lt;Permissions&gt;</code> &#x3D; [‘ohos.permission.READ_CALENDAR’];<br>let grantStatus: abilityAccessCtrl.GrantStatus &#x3D; await checkAccessToken(permissions[0]);</p>
<p>if (grantStatus &#x3D;&#x3D;&#x3D; abilityAccessCtrl.GrantStatus.PERMISSION_GRANTED) {<br>&#x2F;&#x2F; 已经授权，可以继续访问目标操作<br>} else {<br>&#x2F;&#x2F; 申请日历权限<br>}<br>}</p>
</blockquote>
<blockquote>
<p>3、动态想用户申请权限授权。</p>
</blockquote>
<blockquote>
<p>import abilityAccessCtrl, { Permissions } from ‘@ohos.abilityAccessCtrl’;<br>import common from ‘@ohos.app.ability.common’;</p>
<p>const permissions: Array <code>&lt;Permissions&gt;</code> &#x3D; [‘ohos.permission.READ_CALENDAR’];</p>
<p>@Entry<br>@Component<br>struct Index {<br>reqPermissionsFromUser(permissions: Array <code>&lt;Permissions&gt;</code>): void {<br>let context &#x3D; getContext(this) as common.UIAbilityContext;<br>let atManager &#x3D; abilityAccessCtrl.createAtManager();<br>&#x2F;&#x2F; requestPermissionsFromUser会判断权限的授权状态来决定是否唤起弹窗<br>atManager.requestPermissionsFromUser(context, permissions).then((data) &#x3D;&gt; {<br>let grantStatus: Array <code>&lt;number&gt;</code> &#x3D; data.authResults;<br>let length: number &#x3D; grantStatus.length;<br>for (let i &#x3D; 0; i &lt; length; i++) {<br>if (grantStatus[i] &#x3D;&#x3D;&#x3D; 0) {<br>&#x2F;&#x2F; 用户授权，可以继续访问目标操作<br>} else {<br>&#x2F;&#x2F; 用户拒绝授权，提示用户必须授权才能访问当前页面的功能，并引导用户到系统设置中打开相应的权限<br>return;<br>}<br>}<br>&#x2F;&#x2F; 授权成功<br>}).catch((err) &#x3D;&gt; {<br>console.error(<code>requestPermissionsFromUser failed, code is $&#123;err.code&#125;, message is $&#123;err.message&#125;</code>);<br>})<br>}</p>
<p>&#x2F;&#x2F; 页面展示<br>build() {<br>&#x2F;&#x2F; …<br>}<br>}</p>
</blockquote>
<blockquote>
<p>4、处理授权结果</p>
</blockquote>
<blockquote>
<p>function openPermissionsInSystemSettings(): void {<br>let context &#x3D; getContext(this) as common.UIAbilityContext;<br>let wantInfo &#x3D; {<br>action: ‘action.settings.app.info’,<br>parameters: {<br>settingsParamBundleName: ‘com.example.myapplication’ &#x2F;&#x2F; 打开指定应用的详情页面<br>}<br>}<br>context.startAbility(wantInfo).then(() &#x3D;&gt; {<br>&#x2F;&#x2F; …<br>}).catch((err) &#x3D;&gt; {<br>&#x2F;&#x2F; …<br>})<br>}</p>
</blockquote>
<h1 id="权限授予函数调用"><a href="#权限授予函数调用" class="headerlink" title="权限授予函数调用"></a>权限授予函数调用</h1><p><img src="1700977322876.png" alt="1700977322876"></p>
<h1 id="权限授予函数实现"><a href="#权限授予函数实现" class="headerlink" title="权限授予函数实现"></a>权限授予函数实现</h1><blockquote>
<p>检查权限是否授权</p>
</blockquote>
<h1 id="请求权限授予"><a href="#请求权限授予" class="headerlink" title="请求权限授予"></a>请求权限授予</h1><p><img src="1700977480338.png" alt="1700977480338"></p>
<h1 id="权限列表"><a href="#权限列表" class="headerlink" title="权限列表"></a>权限列表</h1><table>
<thead>
<tr>
<th>权限名称</th>
<th>权限说明</th>
<th>权限级别</th>
<th>授权方式</th>
</tr>
</thead>
<tbody><tr>
<td>ohos.permission.USE_BLUETOOTH</td>
<td>允许应用查看蓝牙的配置。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.DISCOVER_BLUETOOTH</td>
<td>允许应用配置本地蓝牙，查找远端设备且与之配对连接。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_BLUETOOTH</td>
<td>允许应用配对蓝牙设备，并对设备的电话簿或消息进行访问。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.INTERNET</td>
<td>允许使用Internet网络。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MODIFY_AUDIO_SETTINGS</td>
<td>允许应用修改音频设置。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_NOTIFICATION_POLICY</td>
<td>在本设备上允许应用访问通知策略。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_TELEPHONY_STATE</td>
<td>允许应用读取电话信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.REQUIRE_FORM</td>
<td>允许应用获取Ability Form。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_NETWORK_INFO</td>
<td>允许应用获取数据网络信息。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.PLACE_CALL</td>
<td>允许应用直接拨打电话。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_NETWORK_INFO</td>
<td>允许应用配置数据网络。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.REMOVE_CACHE_FILES</td>
<td>允许清理指定应用的缓存。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.REBOOT</td>
<td>允许应用重启设备。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.RUNNING_LOCK</td>
<td>允许应用获取运行锁，保证应用在后台的持续运行。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_TIME</td>
<td>允许应用修改系统时间。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_TIME_ZONE</td>
<td>允许应用修改系统时区。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.DOWNLOAD_SESSION_MANAGER</td>
<td>允许应用管理下载任务会话。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.COMMONEVENT_STICKY</td>
<td>允许应用发布粘性公共事件。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SYSTEM_FLOAT_WINDOW</td>
<td>允许应用使用悬浮窗的能力。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.PRIVACY_WINDOW</td>
<td>允许应用将窗口设置为隐私窗口，禁止截屏录屏。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.POWER_MANAGER</td>
<td>允许应用调用电源管理子系统的接口休眠或者唤醒设备。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.REFRESH_USER_ACTION</td>
<td>允许应用在收到用户事件时，重新计算超时时间。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.POWER_OPTIMIZATION</td>
<td>允许系统应用设置省电模式、获取省电模式的配置信息并接收配置变化的通知。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.REBOOT_RECOVERY</td>
<td>允许系统应用重启设备并进入恢复模式。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_LOCAL_ACCOUNTS</td>
<td>允许应用管理本地用户帐号。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS</td>
<td>允许多个系统帐号之间相互访问。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.VIBRATE</td>
<td>允许应用控制马达振动。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CONNECT_IME_ABILITY</td>
<td>允许绑定输入法Ability（InputMethodAbility）。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CONNECT_SCREEN_SAVER_ABILITY</td>
<td>允许绑定屏保Ability（ScreenSaverAbility）。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_SCREEN_SAVER</td>
<td>允许应用查询屏保状态信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_SCREEN_SAVER</td>
<td>允许应用修改屏保状态信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_WALLPAPER</td>
<td>允许应用设置静态壁纸。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_WALLPAPER</td>
<td>允许应用读取壁纸文件。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CHANGE_ABILITY_ENABLED_STATE</td>
<td>允许改变应用或者组件的使能状态。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_MISSIONS</td>
<td>允许应用访问任务栈信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CLEAN_BACKGROUND_PROCESSES</td>
<td>允许应用根据包名清理相关后台进程。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.KEEP_BACKGROUND_RUNNING</td>
<td>允许Service Ability在后台持续运行。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.UPDATE_CONFIGURATION</td>
<td>允许更新系统配置。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.UPDATE_SYSTEM</td>
<td>允许调用升级接口。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.FACTORY_RESET</td>
<td>允许调用恢复出厂接口。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GRANT_SENSITIVE_PERMISSIONS</td>
<td>允许应用为其他应用授予敏感权限。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.REVOKE_SENSITIVE_PERMISSIONS</td>
<td>允许应用撤销给其他应用授予的敏感信息。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_SENSITIVE_PERMISSIONS</td>
<td>允许应用读取其他应用的敏感权限的状态。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS_EXTENSION</td>
<td>允许应用跨用户对其他应用的属性进行设置。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.LISTEN_BUNDLE_CHANGE</td>
<td>允许应用监听其他应用安装、更新、卸载状态的变化。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_BUNDLE_INFO</td>
<td>允许应用查询其他应用的信息。该权限仅适用于三方应用。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_BUNDLE_INFO_PRIVILEGED</td>
<td>允许应用查询其他应用的信息。该权限仅适用于特权应用、同签名应用。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCELEROMETER</td>
<td>允许应用读取加速度传感器的数据。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GYROSCOPE</td>
<td>允许应用读取陀螺仪传感器的数据。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.INSTALL_BUNDLE</td>
<td>允许应用安装、卸载其他应用。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_SHORTCUTS</td>
<td>允许应用查询其他应用的快捷方式信息、启动其他应用的快捷方式。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.radio.ACCESS_FM_AM</td>
<td>允许应用获取收音机相关服务。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_TELEPHONY_STATE</td>
<td>允许应用修改telephone的状态。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.START_ABILITIES_FROM_BACKGROUND</td>
<td>允许应用在后台启动或者访问其他组件。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.BUNDLE_ACTIVE_INFO</td>
<td>允许系统应用查询其他应用在前台或后台的运行时间。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.START_INVISIBLE_ABILITY</td>
<td>无论Ability是否可见，都允许应用进行调用。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.sec.ACCESS_UDID</td>
<td>允许系统应用获取UDID。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.LAUNCH_DATA_PRIVACY_CENTER</td>
<td>允许应用从其隐私声明页面跳转至”数据与隐私”页面。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_MEDIA_RESOURCES</td>
<td>允许应用程序获取当前设备正在播放的媒体资源，并对其进行管理。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.PUBLISH_AGENT_REMINDER</td>
<td>允许该应用使用后台代理提醒。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CONTROL_TASK_SYNC_ANIMATOR</td>
<td>允许应用使用同步任务动画。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.INPUT_MONITORING</td>
<td>允许应用监听输入事件，仅系统签名应用可申请此权限。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_MISSIONS</td>
<td>允许用户管理元能力任务栈。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.NOTIFICATION_CONTROLLER</td>
<td>允许应用管理通知和订阅通知。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CONNECTIVITY_INTERNAL</td>
<td>允许应用程序获取网络相关的信息或修改网络相关设置。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_ABILITY_CONTROLLER</td>
<td>允许设置ability组件启动和停止控制权。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.USE_USER_IDM</td>
<td>允许应用访问系统身份凭据信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_USER_IDM</td>
<td>允许应用使用系统身份凭据管理能力进行口令、人脸、指纹等录入、修改、删除等操作。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_BIOMETRIC</td>
<td>允许应用使用生物特征识别能力进行身份认证。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_USER_AUTH_INTERNAL</td>
<td>允许应用使用系统身份认证能力进行用户身份认证或身份识别。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_PIN_AUTH</td>
<td>允许应用使用口令输入接口，用于系统应用完成口令输入框绘制场景。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_RUNNING_INFO</td>
<td>允许应用获取运行态信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CLEAN_APPLICATION_DATA</td>
<td>允许应用清理应用数据。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.RUNNING_STATE_OBSERVER</td>
<td>允许应用观察应用状态。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.CAPTURE_SCREEN</td>
<td>允许应用截取屏幕图像。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_WIFI_INFO</td>
<td>允许应用获取WLAN信息。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_WIFI_INFO_INTERNAL</td>
<td>允许应用获取WLAN信息。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_WIFI_INFO</td>
<td>允许应用配置WLAN设备。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_WIFI_PEERS_MAC</td>
<td>允许应用获取对端WLAN或者蓝牙设备的MAC地址。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_WIFI_LOCAL_MAC</td>
<td>允许应用获取本机WLAN或者蓝牙设备的MAC地址。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_WIFI_CONFIG</td>
<td>允许应用获取WLAN配置信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_WIFI_CONFIG</td>
<td>允许应用配置WLAN信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_WIFI_CONNECTION</td>
<td>允许应用管理WLAN连接。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_WIFI_HOTSPOT</td>
<td>允许应用开启或者关闭WLAN热点。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_ALL_APP_ACCOUNTS</td>
<td>允许应用获取所有应用账户信息。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_SECURE_SETTINGS</td>
<td>允许应用修改安全类系统设置。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_DFX_SYSEVENT</td>
<td>允许应用访问系统事件打点数据。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_ENTERPRISE_DEVICE_ADMIN</td>
<td>允许应用激活设备管理员应用。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_ENTERPRISE_INFO</td>
<td>允许设备管理员应用设置企业信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ENTERPRISE_SUBSCRIBE_MANAGED_EVENT</td>
<td>允许设备管理员应用订阅管理事件。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ENTERPRISE_SET_DATETIME</td>
<td>允许设备管理员应用设置系统时间。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ENTERPRISE_GET_DEVICE_INFO</td>
<td>允许设备管理员读取设备信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.NFC_TAG</td>
<td>允许应用读取Tag卡片。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.NFC_CARD_EMULATION</td>
<td>允许应用实现卡模拟功能。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.PERMISSION_USED_STATS</td>
<td>允许系统应用访问权限使用记录。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.NOTIFICATION_AGENT_CONTROLLER</td>
<td>允许应用发送代理通知。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ANSWER_CALL</td>
<td>允许应用接听来电。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_CALENDAR</td>
<td>允许应用读取日历信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_CALL_LOG</td>
<td>允许应用读取通话记录。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_CELL_MESSAGES</td>
<td>允许应用读取设备收到的小区广播信息。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_CONTACTS</td>
<td>允许应用读取联系人数据。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_MESSAGES</td>
<td>允许应用读取短信息。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.RECEIVE_MMS</td>
<td>允许应用接收和处理彩信。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.RECEIVE_SMS</td>
<td>允许应用接收和处理短信。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.RECEIVE_WAP_MESSAGES</td>
<td>允许应用接收和处理WAP消息。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.MICROPHONE</td>
<td>允许应用使用麦克风。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.SEND_MESSAGES</td>
<td>允许应用发送短信。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_CALENDAR</td>
<td>允许应用添加、移除或更改日历活动。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_CALL_LOG</td>
<td>允许应用添加、移除或更改通话记录。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_CONTACTS</td>
<td>允许应用添加、移除或更改联系人数据。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.DISTRIBUTED_DATASYNC</td>
<td>允许不同设备间的数据交换。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_VOICEMAIL</td>
<td>允许应用在语音信箱中留言。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.LOCATION_IN_BACKGROUND</td>
<td>允许应用在后台运行时获取设备位置信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.LOCATION</td>
<td>允许应用获取设备位置信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.APPROXIMATELY_LOCATION</td>
<td>允许应用获取设备模糊位置信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.MEDIA_LOCATION</td>
<td>允许应用访问用户媒体文件中的地理位置信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.CAMERA</td>
<td>允许应用使用相机拍摄照片和录制视频。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_MEDIA</td>
<td>允许应用读取用户外部存储中的媒体文件信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_MEDIA</td>
<td>允许应用读写用户外部存储中的媒体文件信息。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.ACTIVITY_MOTION</td>
<td>允许应用读取用户当前的运动状态。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_HEALTH_DATA</td>
<td>允许应用读取用户的健康数据。</td>
<td>normal</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_DEFAULT_APPLICATION</td>
<td>允许应用查询默认应用。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.SET_DEFAULT_APPLICATION</td>
<td>允许应用设置、重置默认应用。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_DISPOSED_APP_STATUS</td>
<td>允许设置和查询应用的处置状态。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_IDS</td>
<td>允许应用查询设备的唯一标识符信息。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.DUMP</td>
<td>允许导出系统基础信息和SA服务信息。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.DISTRIBUTED_SOFTBUS_CENTER</td>
<td>允许不同设备之间进行组网处理。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_DLP_FILE</td>
<td>允许对DLP文件进行权限配置和管理。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.PROVISIONING_MESSAGE</td>
<td>允许激活超级设备管理器应用。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_SYSTEM_SETTINGS</td>
<td>允许应用接入或拉起系统设置界面。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_IMAGEVIDEO</td>
<td>允许读取用户公共目录的图片或视频文件。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_AUDIO</td>
<td>允许读取用户公共目录的音频文件。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_DOCUMENT</td>
<td>允许读取用户公共目录的文档。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_IMAGEVIDEO</td>
<td>允许修改用户公共目录的图片或视频文件。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_AUDIO</td>
<td>允许修改用户公共目录的音频文件。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_DOCUMENT</td>
<td>允许修改用户公共目录的文档。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.ABILITY_BACKGROUND_COMMUNICATION</td>
<td>允许应用将Ability组件在后台启动并与该Ability建立通信连接。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.securityguard.REPORT_SECURITY_INFO</td>
<td>允许应用上报风险数据至设备风险管理平台。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.securityguard.REQUEST_SECURITY_MODEL_RESULT</td>
<td>允许应用获取设备风险状态。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.securityguard.REQUEST_SECURITY_EVENT_INFO</td>
<td>允许应用获取风险详细数据。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_ACCESSIBILITY_CONFIG</td>
<td>允许应用读取无障碍配置信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_ACCESSIBILITY_CONFIG</td>
<td>允许应用设置无障碍配置信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_CERT_MANAGER_INTERNAL</td>
<td>允许应用进行证书及凭据的安装、卸载、启用、禁用等操作。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_CERT_MANAGER</td>
<td>允许应用进行私有凭据的相关操作、查询证书状态等操作。</td>
<td>normal</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_PUSH_SERVICE</td>
<td>允许应用访问推送服务的Ability。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.RECEIVER_STARTUP_COMPLETED</td>
<td>允许应用订阅开机广播。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_CAMERA_CONFIG</td>
<td>允许应用进行全局相机开关等操作。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.READ_WHOLE_CALENDAR</td>
<td>允许应用读取所有的日历信息。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.WRITE_WHOLE_CALENDAR</td>
<td>允许应用添加、移除或更改所有的日历活动。</td>
<td>system_basic</td>
<td>user_grant</td>
</tr>
<tr>
<td>ohos.permission.ENFORCE_USER_IAM</td>
<td>允许SA无token删除IAM子系统用户信息。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.ACCESS_AUTH_RESPOOL</td>
<td>允许SA注册执行器。</td>
<td>system_core</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MOUNT_UNMOUNT_MANAGER</td>
<td>允许应用对外卡进行挂载卸载操作。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MOUNT_FORMAT_MANAGER</td>
<td>允许应用对外卡进行格式化操作。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.STORAGE_MANAGER</td>
<td>允许应用调用storage manager服务中对空间统计以及卷信息的查询接口。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.BACKUP</td>
<td>允许应用拥有备份恢复能力。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.FILE_ACCESS_MANAGER</td>
<td>允许文件管理类应用通过FAF框架访问公共数据文件。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_AUDIO_CONFIG</td>
<td>允许应用进行全局麦克风静音等操作。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.MANAGE_DISTRIBUTED_ACCOUNTS</td>
<td>允许应用管理系统分布式帐号信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_DISTRIBUTED_ACCOUNTS</td>
<td>允许应用查询系统分布式帐号信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
<tr>
<td>ohos.permission.GET_LOCAL_ACCOUNTS</td>
<td>允许应用查询系统本地帐号信息。</td>
<td>system_basic</td>
<td>system_grant</td>
</tr>
</tbody></table>
<p><a target="_blank" rel="noopener" href="https://developer.harmonyos.com/cn/docs/documentation/doc-references-V3/js-apis-abilityaccessctrl-0000001478341361-V3">程序访问控制管理</a></p>
<p><a target="_blank" rel="noopener" href="https://developer.harmonyos.com/cn/docs/documentation/doc-guides-V3/accesstoken-overview-0000001544703857-V3">访问控制</a></p>
</article><div class="post-copyright"><div class="post-copyright__author"><span class="post-copyright-meta"><i class="fas fa-circle-user fa-fw"></i>文章作者: </span><span class="post-copyright-info"><a href="https://houyudong1989.gitee.io/blog">侯玉东</a></span></div><div class="post-copyright__type"><span class="post-copyright-meta"><i class="fas fa-square-arrow-up-right fa-fw"></i>文章链接: </span><span class="post-copyright-info"><a href="https://houyudong1989.gitee.io/blog/2023/11/21/harmonyOS/%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88/">https://houyudong1989.gitee.io/blog/2023/11/21/harmonyOS/%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88/</a></span></div><div class="post-copyright__notice"><span class="post-copyright-meta"><i class="fas fa-circle-exclamation fa-fw"></i>版权声明: </span><span class="post-copyright-info">本博客所有文章除特别声明外，均采用 <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/" target="_blank">CC BY-NC-SA 4.0</a> 许可协议。转载请注明来自 <a href="https://houyudong1989.gitee.io/blog" target="_blank">East'blog</a>！</span></div></div><div class="tag_share"><div class="post-meta__tag-list"><a class="post-meta__tags" href="/blog/tags/harmonyOS/">harmonyOS</a></div><div class="post_share"><div class="social-share" data-image="/blog/img/library1.jpeg" data-sites="facebook,twitter,wechat,weibo,qq"></div><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/butterfly-extsrc/sharejs/dist/css/share.min.css" media="print" onload="this.media='all'"><script src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/sharejs/dist/js/social-share.min.js" defer></script></div></div><nav class="pagination-post" id="pagination"><div class="prev-post pull-left"><a href="/blog/2023/11/22/%E4%BF%A1%E6%81%AF%E9%A1%B9%E7%9B%AE%E7%B3%BB%E7%BB%9F%E7%AE%A1%E7%90%86/%E9%A1%B9%E7%9B%AE%E8%BF%9B%E5%BA%A6%E7%BD%91%E7%BB%9C%E5%9B%BE/" title="项目进度网络图"><img class="cover" src="/blog/img/library1.jpeg" onerror="onerror=null;src='/blog/img/friend_404.gif'" alt="cover of previous post"><div class="pagination-info"><div class="label">上一篇</div><div class="prev_info">项目进度网络图</div></div></a></div><div class="next-post pull-right"><a href="/blog/2023/11/21/harmonyOS/ability/ability%E7%B1%BB%E5%9E%8B/" title=""><img class="cover" src="/blog/img/library1.jpeg" onerror="onerror=null;src='/blog/img/friend_404.gif'" alt="cover of next post"><div class="pagination-info"><div class="label">下一篇</div><div class="next_info"></div></div></a></div></nav><div class="relatedPosts"><div class="headline"><i class="fas fa-thumbs-up fa-fw"></i><span>相关推荐</span></div><div class="relatedPosts-list"><div><a href="/blog/2024/01/20/harmonyOS/ArkUI-X/" title="ArkUI-X"><img class="cover" src="/blog/img/library1.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2024-01-20</div><div class="title">ArkUI-X</div></div></a></div><div><a href="/blog/2023/12/15/harmonyOS/Canvas%E7%BB%98%E5%88%B6%E6%8A%98%E7%BA%BF%E5%9B%BE/" title="canvas绘制折线图"><img class="cover" src="/blog/img/library1.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2023-12-15</div><div class="title">canvas绘制折线图</div></div></a></div><div><a href="/blog/2023/12/02/harmonyOS/Canvas%E7%BB%98%E5%88%B6%E6%9F%B1%E7%8A%B6%E5%9B%BE/" title="canvas绘制柱状图"><img class="cover" src="/blog/img/library1.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2023-12-02</div><div class="title">canvas绘制柱状图</div></div></a></div><div><a href="/blog/2024/03/25/harmonyOS/commonevent%E3%80%81eventhub%E3%80%81emitter%E5%92%8Cworker%E4%BD%BF%E7%94%A8/" title="commonevent、eventhub、emitter和worker使用"><img class="cover" src="/blog/img/library1.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2024-03-25</div><div class="title">commonevent、eventhub、emitter和worker使用</div></div></a></div><div><a href="/blog/2023/11/05/harmonyOS/hdc/" title="hdc 使用帮助"><img class="cover" src="/blog/img/library1.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2023-11-05</div><div class="title">hdc 使用帮助</div></div></a></div><div><a href="/blog/2023/12/26/harmonyOS/router%E8%B7%AF%E7%94%B1/" title="router路由跳转"><img class="cover" src="/blog/img/library1.jpeg" alt="cover"><div class="content is-center"><div class="date"><i class="far fa-calendar-alt fa-fw"></i> 2023-12-26</div><div class="title">router路由跳转</div></div></a></div></div></div></div><div class="aside-content" id="aside-content"><div class="card-widget card-info"><div class="is-center"><div class="avatar-img"><img src="/blog/img/head.jpg" onerror="this.onerror=null;this.src='/blog/img/friend_404.gif'" alt="avatar"/></div><div class="author-info__name">侯玉东</div><div class="author-info__description">生命不息，奋斗不止</div></div><div class="card-info-data site-data is-center"><a href="/blog/archives/"><div class="headline">文章</div><div class="length-num">70</div></a><a href="/blog/tags/"><div class="headline">标签</div><div class="length-num">26</div></a><a href="/blog/categories/"><div class="headline">分类</div><div class="length-num">18</div></a></div><a id="card-info-btn" target="_blank" rel="noopener" href="https://gitee.com/houyudong1989"><i class="fab fa-github"></i><span>Follow Me</span></a><div class="card-info-social-icons is-center"><a class="social-icon" href="https://gitee.com/houyudong1989" target="_blank" title="Github"><i class="fab fa-github" style="color: #24292e;"></i></a><a class="social-icon" href="mailto:420098321@qq.com" target="_blank" title="Email"><i class="fas fa-envelope" style="color: #4a7dbe;"></i></a></div></div><div class="card-widget card-announcement"><div class="item-headline"><i class="fas fa-bullhorn fa-shake"></i><span>公告</span></div><div class="announcement_content">欢迎来到我的博客！！！</div></div><div class="sticky_layout"><div class="card-widget" id="card-toc"><div class="item-headline"><i class="fas fa-stream"></i><span>目录</span><span class="toc-percentage"></span></div><div class="toc-content"><ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%A6%82%E8%BF%B0"><span class="toc-number">1.</span> <span class="toc-text">概述</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E4%BD%BF%E7%94%A8%E5%9F%BA%E6%9C%AC%E5%8E%9F%E5%88%99"><span class="toc-number">2.</span> <span class="toc-text">权限使用基本原则</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E7%9A%84%E5%B7%A5%E4%BD%9C%E6%B5%81%E7%A8%8B"><span class="toc-number">3.</span> <span class="toc-text">权限的工作流程</span></a><ol class="toc-child"><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E7%94%B3%E8%AF%B7%E4%BD%BF%E7%94%A8%E7%9A%84%E5%B7%A5%E4%BD%9C%E6%B5%81%E7%A8%8B"><span class="toc-number">3.1.</span> <span class="toc-text">权限申请使用的工作流程</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E6%A0%A1%E9%AA%8C%E7%9A%84%E5%B7%A5%E4%BD%9C%E6%B5%81%E7%A8%8B"><span class="toc-number">3.2.</span> <span class="toc-text">权限校验的工作流程</span></a></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E7%AD%89%E7%BA%A7"><span class="toc-number">4.</span> <span class="toc-text">权限等级</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E7%B1%BB%E5%9E%8B"><span class="toc-number">5.</span> <span class="toc-text">权限类型</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E6%8E%88%E6%9D%83%E6%B5%81%E7%A8%8B"><span class="toc-number">6.</span> <span class="toc-text">权限授权流程</span></a><ol class="toc-child"><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%94%A8%E6%88%B7%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88%E6%93%8D%E4%BD%9C%E6%AD%A5%E9%AA%A4"><span class="toc-number">6.1.</span> <span class="toc-text">用户权限授予操作步骤</span></a></li></ol></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88%E5%87%BD%E6%95%B0%E8%B0%83%E7%94%A8"><span class="toc-number">7.</span> <span class="toc-text">权限授予函数调用</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88%E5%87%BD%E6%95%B0%E5%AE%9E%E7%8E%B0"><span class="toc-number">8.</span> <span class="toc-text">权限授予函数实现</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E8%AF%B7%E6%B1%82%E6%9D%83%E9%99%90%E6%8E%88%E4%BA%88"><span class="toc-number">9.</span> <span class="toc-text">请求权限授予</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#%E6%9D%83%E9%99%90%E5%88%97%E8%A1%A8"><span class="toc-number">10.</span> <span class="toc-text">权限列表</span></a></li></ol></div></div><div class="card-widget card-recent-post"><div class="item-headline"><i class="fas fa-history"></i><span>最新文章</span></div><div class="aside-list"><div class="aside-list-item"><a class="thumbnail" href="/blog/2024/05/06/c++/5%E3%80%81%E5%AD%97%E7%AC%A6%E5%92%8C%E5%AD%97%E7%AC%A6%E4%B8%B2/" title="字符和字符串"><img src="/blog/img/library1.jpeg" onerror="this.onerror=null;this.src='/blog/img/friend_404.gif'" alt="字符和字符串"/></a><div class="content"><a class="title" href="/blog/2024/05/06/c++/5%E3%80%81%E5%AD%97%E7%AC%A6%E5%92%8C%E5%AD%97%E7%AC%A6%E4%B8%B2/" title="字符和字符串">字符和字符串</a><time datetime="2024-05-06T11:15:27.280Z" title="发表于 2024-05-06 19:15:27">2024-05-06</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/blog/2024/05/06/c++/4%E3%80%81%E6%8C%87%E9%92%88%E5%92%8C%E5%87%BD%E6%95%B0%E6%8C%87%E9%92%88/" title="指针和函数指针"><img src="/blog/img/library1.jpeg" onerror="this.onerror=null;this.src='/blog/img/friend_404.gif'" alt="指针和函数指针"/></a><div class="content"><a class="title" href="/blog/2024/05/06/c++/4%E3%80%81%E6%8C%87%E9%92%88%E5%92%8C%E5%87%BD%E6%95%B0%E6%8C%87%E9%92%88/" title="指针和函数指针">指针和函数指针</a><time datetime="2024-05-06T11:14:29.047Z" title="发表于 2024-05-06 19:14:29">2024-05-06</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/blog/2024/05/05/python/7%E3%80%81m3u8%E8%A7%86%E9%A2%91%E6%A0%BC%E5%BC%8F/" title="m3u8格式"><img src="/blog/img/library1.jpeg" onerror="this.onerror=null;this.src='/blog/img/friend_404.gif'" alt="m3u8格式"/></a><div class="content"><a class="title" href="/blog/2024/05/05/python/7%E3%80%81m3u8%E8%A7%86%E9%A2%91%E6%A0%BC%E5%BC%8F/" title="m3u8格式">m3u8格式</a><time datetime="2024-05-05T01:43:26.865Z" title="发表于 2024-05-05 09:43:26">2024-05-05</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/blog/2024/04/30/android/charles%E5%AE%89%E5%8D%93%E6%89%8B%E6%9C%BA%E6%8A%93%E5%8C%85/" title="charles 抓包"><img src="/blog/img/library1.jpeg" onerror="this.onerror=null;this.src='/blog/img/friend_404.gif'" alt="charles 抓包"/></a><div class="content"><a class="title" href="/blog/2024/04/30/android/charles%E5%AE%89%E5%8D%93%E6%89%8B%E6%9C%BA%E6%8A%93%E5%8C%85/" title="charles 抓包">charles 抓包</a><time datetime="2024-04-30T06:49:29.279Z" title="发表于 2024-04-30 14:49:29">2024-04-30</time></div></div><div class="aside-list-item"><a class="thumbnail" href="/blog/2024/04/26/python/13%E3%80%81playwright/" title="playwright"><img src="/blog/img/library1.jpeg" onerror="this.onerror=null;this.src='/blog/img/friend_404.gif'" alt="playwright"/></a><div class="content"><a class="title" href="/blog/2024/04/26/python/13%E3%80%81playwright/" title="playwright">playwright</a><time datetime="2024-04-26T07:30:36.069Z" title="发表于 2024-04-26 15:30:36">2024-04-26</time></div></div></div></div></div></div></main><footer id="footer"><div id="footer-wrap"><div class="copyright">&copy;2020 - 2024 By 侯玉东</div><div class="framework-info"><span>框架 </span><a target="_blank" rel="noopener" href="https://hexo.io">Hexo</a><span class="footer-separator">|</span><span>主题 </span><a target="_blank" rel="noopener" href="https://github.com/jerryc127/hexo-theme-butterfly">Butterfly</a></div></div></footer></div><div id="rightside"><div id="rightside-config-hide"><button id="readmode" type="button" title="阅读模式"><i class="fas fa-book-open"></i></button><button id="darkmode" type="button" title="浅色和深色模式转换"><i class="fas fa-adjust"></i></button><button id="hide-aside-btn" type="button" title="单栏和双栏切换"><i class="fas fa-arrows-alt-h"></i></button></div><div id="rightside-config-show"><button id="rightside-config" type="button" title="设置"><i class="fas fa-cog fa-spin"></i></button><button class="close" id="mobile-toc-button" type="button" title="目录"><i class="fas fa-list-ul"></i></button><button id="go-up" type="button" title="回到顶部"><span class="scroll-percent"></span><i class="fas fa-arrow-up"></i></button></div></div><div><script src="/blog/js/utils.js"></script><script src="/blog/js/main.js"></script><script src="https://cdn.jsdelivr.net/npm/@fancyapps/ui/dist/fancybox/fancybox.umd.min.js"></script><div class="js-pjax"></div><div class="aplayer no-destroy" data-id="8873950678" data-server="netease" data-type="playlist" data-fixed="true" data-autoplay="true"> </div><script defer="defer" id="ribbon" src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/dist/canvas-ribbon.min.js" size="150" alpha="0.6" zIndex="-1" mobile="false" data-click="false"></script><script defer="defer" id="fluttering_ribbon" mobile="false" src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/dist/canvas-fluttering-ribbon.min.js"></script><script id="click-heart" src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/dist/click-heart.min.js" async="async" mobile="false"></script><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.css" media="print" onload="this.media='all'"><script src="https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.js"></script><script src="https://cdn.jsdelivr.net/npm/butterfly-extsrc/metingjs/dist/Meting.min.js"></script><script src="https://cdn.jsdelivr.net/npm/pjax/pjax.min.js"></script><script>let pjaxSelectors = ["head > title","#config-diff","#body-wrap","#rightside-config-hide","#rightside-config-show",".js-pjax"]

var pjax = new Pjax({
  elements: 'a:not([target="_blank"])',
  selectors: pjaxSelectors,
  cacheBust: false,
  analytics: false,
  scrollRestoration: false
})

document.addEventListener('pjax:send', function () {

  // removeEventListener
  btf.removeGlobalFnEvent('pjax')
  btf.removeGlobalFnEvent('themeChange')

  document.getElementById('rightside').classList.remove('rightside-show')
  
  if (window.aplayers) {
    for (let i = 0; i < window.aplayers.length; i++) {
      if (!window.aplayers[i].options.fixed) {
        window.aplayers[i].destroy()
      }
    }
  }

  typeof typed === 'object' && typed.destroy()

  //reset readmode
  const $bodyClassList = document.body.classList
  $bodyClassList.contains('read-mode') && $bodyClassList.remove('read-mode')

  typeof disqusjs === 'object' && disqusjs.destroy()
})

document.addEventListener('pjax:complete', function () {
  window.refreshFn()

  document.querySelectorAll('script[data-pjax]').forEach(item => {
    const newScript = document.createElement('script')
    const content = item.text || item.textContent || item.innerHTML || ""
    Array.from(item.attributes).forEach(attr => newScript.setAttribute(attr.name, attr.value))
    newScript.appendChild(document.createTextNode(content))
    item.parentNode.replaceChild(newScript, item)
  })

  GLOBAL_CONFIG.islazyload && window.lazyLoadInstance.update()

  typeof panguInit === 'function' && panguInit()

  // google analytics
  typeof gtag === 'function' && gtag('config', '', {'page_path': window.location.pathname});

  // baidu analytics
  typeof _hmt === 'object' && _hmt.push(['_trackPageview',window.location.pathname]);

  typeof loadMeting === 'function' && document.getElementsByClassName('aplayer').length && loadMeting()

  // prismjs
  typeof Prism === 'object' && Prism.highlightAll()
})

document.addEventListener('pjax:error', e => {
  if (e.request.status === 404) {
    pjax.loadUrl('/blog/404.html')
  }
})</script><script async data-pjax src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script></div></body></html>